Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          /A3pQD9t/LM7XmO28a4+XrLFvlw3NqSKl+aHnXPYFFw=
Subject key identifier:   9F:53:D8:14:D6:43:4D:F8:D3:C7:86:E5:2D:11:34:18:25:CD:58:89
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       0198D47432300AD5F31CBF1BE613EC927C6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          06FA
Signing time:             Sat 23 Aug 2025 01:04:01 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:01 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:01 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: Cmhu0YIltGZddyOM9BSwa7+3riSOs8Qhew2GDoh6+9E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:32:30:0a:d5:f3:1c:bf:1b:e6:13:ec:92:7c:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Aug 23 01:04:01 2025 GMT
            Not After : Aug 24 01:04:01 2025 GMT
        Subject: CN=9f53d814d6434df8d3c786e52d11341825cd5889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b5:41:07:f4:17:90:c3:73:34:fe:c0:c0:d9:
                    ec:1b:0e:28:c9:a3:78:6f:48:43:64:94:73:41:85:
                    bf:74:f5:59:f1:32:bf:a3:a1:00:76:9b:8b:b5:c0:
                    f7:4d:00:73:de:af:64:91:76:d6:ad:be:b0:8b:ba:
                    16:98:0f:65:d9:2e:4a:14:ea:71:1c:9e:38:49:73:
                    37:2d:d6:76:32:60:c3:30:ca:13:e4:61:df:6e:0d:
                    dd:00:95:af:73:43:59:65:2f:d0:60:0b:8e:18:97:
                    3c:e6:6f:c0:81:04:05:76:a4:0c:52:2d:e2:fb:f7:
                    96:66:b3:6e:9c:38:c2:fc:6a:29:d4:f2:8c:17:2b:
                    4a:3d:9e:93:59:07:bf:ab:57:5c:98:c5:17:c1:09:
                    09:ae:ea:3c:74:4d:32:20:75:0d:ba:66:ae:b7:0e:
                    c6:3a:04:61:a8:72:ec:44:b3:0e:24:62:e8:7b:dd:
                    d7:e6:4c:69:f4:3d:f6:80:7f:d4:b2:97:22:3d:9d:
                    aa:93:24:50:96:bf:9c:f2:72:99:f2:21:0e:7f:51:
                    04:44:6c:84:c7:f6:d5:31:23:6a:47:da:5a:4d:2e:
                    85:33:d2:d9:95:08:ef:54:38:7f:b5:60:42:ae:6f:
                    31:89:5d:d8:3e:bb:03:fd:c8:bc:82:20:d3:e1:65:
                    7a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:53:D8:14:D6:43:4D:F8:D3:C7:86:E5:2D:11:34:18:25:CD:58:89
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:79:23:62:d1:a2:33:4a:45:0a:44:31:c1:c5:0f:e8:6e:9a:
         57:6f:4f:98:4e:4d:f0:f5:84:26:fe:68:fc:d0:15:f7:e0:da:
         44:79:1a:4b:36:e8:7d:1b:94:c5:88:64:59:73:46:df:55:4e:
         79:2b:78:ab:34:3c:d7:ba:b2:4a:b0:f8:7b:dd:11:97:9a:24:
         86:90:e9:00:a3:cd:f4:d2:d8:9d:e5:33:2c:d6:01:86:43:a3:
         6f:63:53:5c:b7:95:4a:9f:ec:25:dc:eb:b5:7d:08:91:df:42:
         1b:82:27:4b:10:ef:60:c8:db:b0:fb:25:fe:7a:1f:c4:26:b4:
         e5:0c:eb:ec:0f:4e:06:0d:0b:fb:61:05:13:fc:7d:e4:e0:0a:
         23:8b:e3:80:27:41:1e:90:d1:37:55:ac:59:a9:4a:d3:11:f1:
         13:f6:03:d6:a2:fa:a0:0f:e8:d5:7b:95:a8:27:71:d2:8f:53:
         13:49:d4:84:ac:a2:21:64:8c:3f:35:0a:4c:98:4f:f2:46:5f:
         3a:f0:83:f9:9f:12:ea:88:3f:18:b1:6d:17:ed:94:8d:5e:86:
         09:04:2b:e5:c1:bf:16:ad:74:6f:5c:c7:93:a1:c6:3a:fb:15:
         40:94:77:58:45:ef:16:5e:ec:19:da:1f:30:f3:ed:fb:eb:cf:
         ae:71:b9:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdDIwCtXzHL8b5hPsknxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjUwODIzMDEwNDAxWhcNMjUwODI0MDEwNDAxWjAzMTEwLwYDVQQD
Eyg5ZjUzZDgxNGQ2NDM0ZGY4ZDNjNzg2ZTUyZDExMzQxODI1Y2Q1ODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrVBB/QXkMNzNP7AwNnsGw4oyaN4
b0hDZJRzQYW/dPVZ8TK/o6EAdpuLtcD3TQBz3q9kkXbWrb6wi7oWmA9l2S5KFOpx
HJ44SXM3LdZ2MmDDMMoT5GHfbg3dAJWvc0NZZS/QYAuOGJc85m/AgQQFdqQMUi3i
+/eWZrNunDjC/Gop1PKMFytKPZ6TWQe/q1dcmMUXwQkJruo8dE0yIHUNumautw7G
OgRhqHLsRLMOJGLoe93X5kxp9D32gH/UspciPZ2qkyRQlr+c8nKZ8iEOf1EERGyE
x/bVMSNqR9paTS6FM9LZlQjvVDh/tWBCrm8xiV3YPrsD/ci8giDT4WV6fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9T2BTWQ03408eG5S0RNBglzViJMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnkjYtGi
M0pFCkQxwcUP6G6aV29PmE5N8PWEJv5o/NAV9+DaRHkaSzbofRuUxYhkWXNG31VO
eSt4qzQ817qySrD4e90Rl5okhpDpAKPN9NLYneUzLNYBhkOjb2NTXLeVSp/sJdzr
tX0Ikd9CG4InSxDvYMjbsPsl/nofxCa05Qzr7A9OBg0L+2EFE/x95OAKI4vjgCdB
HpDRN1WsWalK0xHxE/YD1qL6oA/o1XuVqCdx0o9TE0nUhKyiIWSMPzUKTJhP8kZf
OvCD+Z8S6og/GLFtF+2UjV6GCQQr5cG/Fq10b1zHk6HGOvsVQJR3WEXvFl7sGdof
MPPt++vPrnG5Ow==
-----END CERTIFICATE-----